Wireless Intruder Detection System (WIDS) in Detecting De-Authentication and Disassociation Attacks in IEEE 802.11

Baharudin, Norzaidi; Ali, Fakariah Hani Mohd; Darus, Mohamad Yusof; Awang, Norkhushaini

doi:10.1109/icitcs.2015.7293037

Cited by 14 publications

(11 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our method focuses on a single client and it uses combinations of three parameters do decrease the false positive rate. Authors [15] used a combination of the radio-tap header information for the detection of de-authentication attacks such as channel type, dB Antenna signal, and rate. Authors [16] used only reason code parameter in the MAC header to detect the attack.…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

A Light Weight Solution for Detecting De-Authentication Attack

Singh¹,

Kumar²

2019

IJNSA

View full text Add to dashboard Cite

Nowadays Wireless local area networks (WLANs) are growing very rapidly. Due to the popularity of 802.11 networks, possibilities of various attacks to the wireless network have also increased. In this paper, a special type of attack De-Authentication/disassociation attack has been investigated. In a normal scenario, a wireless client or user sends a de-authentication frame when it wants to terminate the connection. These frames are in plain text and are not encrypted. These are not authenticated by the access point. Attackers take advantage of this, and spoof these packets and disable the communication between the connected client and access point. In this paper, an algorithm based on radio-tap header information is suggested to identify whether there is a De-Authentication attack on the client or not.

show abstract

Section: Resultsmentioning

confidence: 99%

“…But the main drawback of this is that they considered a number of different types of packets transferred on the network. Authors in [15] proposed a new technique for preventing a de-authentication attack. This tool can be used as personal WIDS.…”

Section: Literature Reviewmentioning

confidence: 99%

A Light Weight Solution for Detecting De-Authentication Attack

Singh¹,

Kumar²

2019

IJNSA

View full text Add to dashboard Cite

show abstract

“…Some of the studies offered solution to avoid the adversary before they launch an attack. Baharudin et al [42] proposed a personal IDS which is able to notify users, when RAP is attempting to impersonate. Selvarathinam et al [43] enhanced the current IDS, with discrete event system (DES) as antifailure of RAP detection, while Kumar and Paul [44] were prone to leveraging the previous AP information value, as the identifier in determining the RAP surrounding the area.…”

Section: Ap Profilingmentioning

confidence: 99%

The rogue access point identification: a model and classification review

Arisandi

Ahmad

Kannan³

2021

IJEECS

View full text Add to dashboard Cite

Most people around the world make use of public Wi-Fi hotspots, as their daily routine companion in communication. The access points (APs) of public Wi-Fi are easily deployed by anyone and everywhere, to provide hassle-free Internet connectivity. The availability of Wi-Fi increases the danger of adversaries, taking advantages of sniffing the sensitive data. One of the most serious security issues encountered by Wi-Fi users, is the presence of rogue access points (RAP). Several studies have been published regarding how to identify the RAP. Using systematic literature review, this research aims to explore the various methods on how to distinguish the AP, as a rogue or legitimate, based on the hardware and software approach model. In conclusion, all the classifications were summarized, and produced an alternative solution using beacon frame manipulation technique. Therefore, further research is needed to identify the RAP.

show abstract

“…If there is a time constraint, the attacker must attempt forced deauthentication [8]. This raises the issue that forced de-authentication may be detected through a network scanner such as Wireshark or through more complex IDS [4]. In this attack, we facilitate such a threat through the removal of time constraints.…”

Section: Attacksmentioning

confidence: 99%

“…We demonstrate the threat of HDMI-Walk with a specific testbed of commonly used HDMI equipment (e.g., Google Chromecast and Sharp Smart TV) for the evaluation of HDMI-Walk attacks. Specifically, as proof-ofconcepts, we performed five novel HDMI-Walk attacks involving: (1) malicious topology inference; (2) Denial-of-Service attacks; (3) audio eavesdropping with sensitive data transfer over HDMI; (4) targeted device attacks to disrupt services through HDMI; and (5) finally the facilitation of existing wireless-based attacks with a CEC-enabled HDMI device. We also evaluated the implications of these attacks as part of this work.…”

Section: Introductionmentioning

confidence: 99%

HDMI-walk

Rondon

Babun

Akkaya

et al. 2019

Proceedings of the 35th Annual Computer Security Applications Conference

View full text Add to dashboard Cite

The High Definition Multimedia Interface (HDMI) is the backbone and the de-facto standard for Audio/Video interfacing between video-enabled devices. Today, almost tens of billions of HDMI devices exist in the world and are widely used to distribute A/V signals in smart homes, offices, concert halls, and sporting events making HDMI one of the most highly deployed systems in the world. An important component in HDMI is the Consumer Electronics Control (CEC) protocol, which allows for the interaction between devices within an HDMI distribution network. Nonetheless, existing network security mechanisms only protect traditional networking components, leaving CEC outside of their scope. In this work, we identify and tap into CEC protocol vulnerabilities, using them to implement realistic proof-of-work attacks on HDMI distribution networks. We study, how current insecure CEC protocol practices and carelessly implemented HDMI distributions may grant an adversary a novel attack surface for HDMI devices otherwise thought to be unreachable through traditional means. To introduce this novel attack surface, in this paper, we present HDMI-Walk, which opens a realm of remote and local CEC attacks to HDMI devices. Specifically, with HDMI-Walk, an attacker can perform malicious analysis of devices, eavesdropping, Denial of Service attacks, targeted device attacks, and even facilitate other well-known existing attacks through HDMI. With HDMI-Walk, we prove that it is feasible for an attacker to gain arbitrary control of HDMI devices. We demonstrate the implementations of both local and remote attacks with commodity HDMI devices including Smart TVs and Media Players. Our work aims to uncover vulnerabilities in a very well deployed system like HDMI distributions. The consequences of which can largely impact HDMI users as well as other systems which depend on these distributions. Finally, we discuss security mechanisms to provide impactful and comprehensive security evaluation to these real-world systems while guaranteeing deployability and providing minimal overhead, while considering the current limitations of the CEC protocol. To the best of our knowledge, this is the first work solely investigating the security of HDMI device distribution networks.• Security and privacy → Denial-of-service attacks; Distributed systems security; Denial-of-service attacks.

show abstract

Wireless Intruder Detection System (WIDS) in Detecting De-Authentication and Disassociation Attacks in IEEE 802.11

Cited by 14 publications

References 4 publications

A Light Weight Solution for Detecting De-Authentication Attack

A Light Weight Solution for Detecting De-Authentication Attack

The rogue access point identification: a model and classification review

HDMI-walk

Contact Info

Product

Resources

About